PeerAccess is a logical framework for specifying authorization policies
and reasoning about authorization in open distributed systems. The
PeerAccess framework supports a declarative description of the behavior
of peers that selectively push and/or pull information from certain other
peers. PeerAccess local knowledge bases encode the basic knowledge of each
peer, its release policies governing the dissemination of each possible piece
of information to other peers, and proof hints that guides and limits its
search process when trying to obtain particular pieces of information from
other peers. PeerAccess supports sticky release policies, where the
original owner of information retains control over its dissemination. In
addition, PeerAccess also supports reasoning about sticky release policies
of derived information, and provides a way to monotonically declassify
derived information based on original information contributors' consent.
PeerAccess supports automated credential retrieval and automated
construction of proofs for authorization, and does so in flexible ways
that are configurable thorough proof hints. PeerAccess's proofs of
authorization are verifiable and nonrepudiable, and their construction
relies only on the local information possessed by peers and their
parameterized behavior with respect to query answering, information
push/pull, and information release policies (i.e., no omniscient viewpoint
is required). PeerAccess also features an open world assumption based
formal semantics and a proof theory.
People
All e-mail
addresses are in the cs.uiuc.edu domain.